See: unknown_html malware detected Clean mX Viruswatch - http://support.clean-mx.de/clean-mx/viruses.php?review=159.253.142.194&sort=id%20DESC avast detects as JS:HideLink-A [Trj] : https://www.virustotal.com/nl/file/996a7de72267a44a531a4cd253faebf9b2fded61e0fb533f0bcb6452ab24aafc/analysis/
6 instances of SEO Spam detected: Known javascript malware. Details: http://sucuri.net/malware/entry/MW:SPAM:SEO?g12
t=‘’;}}x[l-a]=z;}document.write(‘<’+x[0]+’ ‘+x[4]+’>.‘+x[2]+’{‘+x[1]+’}</‘+x[0]+’>');}dnnViewState();
Web application version:
Joomla Version 1.5.18 - 1.5.26 for: htxp://perfecthealthherbalng.com/media/system/js/caption.js
Joomla Version 1.5.18 to 1.5.26 for: htxp://perfecthealthherbalng.com/language/en-GB/en-GB.ini
Joomla version outdated: Upgrade required.
cPanel version 11.40.1.11 outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.26 or 3.3.5
Outdated cPanel Found: cPanel 11.40.1.11
Outdated Web Server Apache Found: Apache/2.2.25

Malicious external element detected: htxp://www.khawaib.co.uk/joomla/downloads/item/12-facebook-fanbox.html
See: 6fed838ff983056091608069f5bac0ba487f3bdf
Above link for security researchers only, open up with NoScript extension active and browser inside a VM/sandbox.

Potentially suspicious code detected: 1. /modules/mod_flying_tweets/js/chili-1.7.pack.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method eval __tmpvar1959009192 = eval;

 <style>.npliqjmkho{position:absolute;left:-1816px;}</style>

An update here for this malcode: https://www.uploady.com/download/jbDRHLRXzQ2/VqCuUD6RoO2GoTGG
and https://www.virustotal.com/nl/url/ab83ca0e04287dbeb56930ab9d56369722af2a8b038a28e81c444d97402a1d1c/analysis/
Infested with SEO Spam: http://sitecheck.sucuri.net/results/www.autoinformator.bydgoszcz.pl
Web application version:
Joomla Version 2.5.27 found at: htxp://www.autoinformator.bydgoszcz.pl/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.26 or 3.3.5

pol

Another update for this: This is a suspicious page
Result for 2015-03-10 23:01:53 UTC
Website: htxp://bh-wilkins.co.uk
Checked URL: htxp://bh-wilkins.co.uk/
Trojans detected:
Object: htxp://bh-wilkins.co.uk/
SHA1: ad1c4e701507acdcacd634c3980bc5cd49604786
Name: TrojWare.JS.Agent.caa Avast detects this as JS:HideMe-J [Trj]
Missed here: http://evuln.com/tools/malware-scanner/http%3A%2F%2Fbh-wilkins.co.ukSEO Spam MW:SPAM:SEO?g12 htxp://bh-wilkins.co.uk
SEO Spam MW:SPAM:SEO?g12 htxp://bh-wilkins.co.uk/bathrooms
SEO Spam MW:SPAM:SEO?g12 htxp://bh-wilkins.co.uk/kitchens
SEO Spam MW:SPAM:SEO?g12 htxp://bh-wilkins.co.uk/painting-a-decorating
SEO Spam MW:SPAM:SEO?g12 htxp://bh-wilkins.co.uk/small-building-works
SEO Spam MW:SPAM:SEO?g12 htxp://bh-wilkins.co.uk/contact-us
Known javascript malware. Details: http://sucuri.net/malware/entry/MW:SPAM:SEO?g12
t=‘’;}}x[l-a]=z;}document.write(‘<’+x[0]+’ ‘+x[4]+’>.‘+x[2]+’{‘+x[1]+’}</‘+x[0]+’>');}dnnViewState();
10 malicious and 4 suspicious files: http://quttera.com/detailed_report/bh-wilkins.co.uk
Detected reference to malicious blacklisted domain -www.autson.com
Detected reference to suspicious blacklisted domain 79.170.40.241
Web application version:
Joomla Version 1.5.18 - 1.5.26 for: htxp://bh-wilkins.co.uk/media/system/js/caption.js
Joomla Version 1.5.18 to 1.5.26 for: htxp://bh-wilkins.co.uk/language/en-GB/en-GB.ini
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.26 or 3.3.5
Outdated Web Server Apache Found: Apache/2.4.9

polonus